Frequently Asked Questions
A list of commonly asked questions to give you more information regarding AOKpass.
AOKpass is a platform and mobile application using leading-edge blockchain technology enabling Users to securely verify their health status with third-parties, while preserving the privacy of their underlying personal health data. At all times, Users have exclusive control over their personal health data, such as health certificates or test results, which are stored only on the User's mobile device and never on any external database or centralised system.
AOKpass uses pioneering distributed ledger technology based on the Ethereum permissionless blockchain. The AOKpass platform also employs state-of-the-art hashing and encryption algorithms to protect User data and maintain system security.
You can create a pass with attested medical documents on your mobile device following these steps:
- Consult with an Accredited Health Provider to get tested/vaccinated for a health requirement.
- Once you have your medical results, enter the information in the app to create a pass.
- Your information is then secured using a hashing algorithm so that it can’t be read by anyone else.
- A unique code is then generated and shown to you and your medical practitioner for them to attest to the validity of your information.
Accredited Health Providers are trusted third-party medical service providers that have been approved to provide attested health certificates to be used on AOKpass.
Can be downloaded on the Apple Appstore or Google Playstore. Device compatibility: iOS Users (iPhone 7 or higher that supports iOS 13) and Android Users (Most Android devices that support Android OS Nougat/version 7.0 or higher).
Available on the AOKpass website (aokpass.com).
Available on the AOKpass website (aokpass.com).
You can present valid passes stored your mobile device when and where verification is required following these steps:
- On your AOKpass app, select a pass to display the AOK QR Code for verification.
- Show the code to a verifier for them to scan it.
- Our technology verifies the digital signature on your code to ensure its authenticity, and displays the results to the verifier.
AOKpass is designed, developed and implemented by AOKpass Pte Ltd, in partnership with the International Chamber of Commerce (ICC), International SOS, and SGS Group.
AOKpass Pte Ltd is a private Singapore-based technology development firm focused on the design, development and implementation of AOKpass.
ICC is the world’s largest business organization representing 45 million companies and more than 1.2 billion employees globally, and is uniquely positioned to effectively encourage the adoption of AOKpass at international scale.
International SOS is the world's largest medical and travel security services firm, with two-thirds of the Fortune Global 500 companies as clients, 5 million assistance calls every year, 11,000 employees in 1,000 locations in 90 countries worldwide. 1,400 are full-time doctors and 200 are security specialists. AOKpass uses the International SOS Global Assistance Network (GAN) to provide an extensive international network for Accredited Health Providers that can attest to AOKpass digital health certificates.
The SGS Group is the world’s leading inspection, verification, testing and certification services company with more than 94,000 employees and a network of more than 2,600 offices and laboratories around the world. AOKpass leverages SGS Group's extensive international network and facilities to support the AOKpass service.
AOKpass is designed to be a global industry standard backed by the ICC as an established international non-government body for the creation and upholding of accepted industry standards. AOKpass is currently working with the International Standards Organisation and other multilateral organisations to establish and document an accepted common standard for the provision of digital health certificates (ISO/TC 215).
AOKpass is specifically designed to dynamically take into account industry best-practices and standards as they evolve.
There are 3 types of AOKpass Users employing the App, which will overlap and differ according to the situation:
- Presenters: The individual using AOKpass to store and verify their personal health status based on valid digital certificate(s).
- Attesters: Approved Accredited Health Providers who can attest to the health status of Presenters with the issue of valid digital certificate(s).
- Verifiers: Third-parties who seek to verify the health status of Presenters by scanning the QR code generated by the Presenter's App.
AOKpass is specifically designed to dynamically take into account any changes in medical science and consensus on the health status of individuals. AOKpass will continuously incorporate any new developments and advancements in medical science, such as immunology and seratology.
AOKpass is specifically designed to dynamically take into account industry best. AOKpass will continuously incorporate industry best-practices and standards are they evolve. AOKpass will continuously incorporate any new commonly-accepted practices and standards as they are established.
AOKpass can be used in any industry or scenario where the health status of individuals needs to be verified. This includes where health and safety checks may be required for access to:
- Secured sites of employment.
- Any public or private sites, such as retail spaces, live event venues, restaurants/cafes, etc.
- Cross-border travel infrastructure and carriers such as airports, airlines and other public or private modes of transport.
- Countries with travel restrictions in place via immigration and security checkpoints.
- Any other scenario requiring health status verification.
Yes. Each dedicated QR code is also associated with a time stamp .
To account for potential errors in data entry or process, the digital certificate(s) stored on the AOKpass App can be revoked in a number of ways to ensure that there is a fail-safe for invalidating certificates if necessary, which is known as "blacklisting". Blacklisting simply refers to a process by which individual or a class of digital certificates are rendered invalid, if required to remediate an error or account for a change in medical science, law and/or industry best-practice.
AOKpass employs peer-to-peer blockchain technology built on the Ethereum public blockchain network (“Ethereum”), which is a global, open-source decentralised computing platform. Unlike centralised computing networks, which are supported and secured by a single or small number of private databases and/servers (or “nodes”), Ethereum is supported and secured by a decentralised public network of discrete nodes globally (the total number nodes at any given time can be seen here: https://etherscan.io/nodetracker).
Ethereum provides a platform for the deployment of decentralised applications (“Dapps”) such as the App, which are applications that use decentralised blockchain networks to function and access the relevant functional advantages of blockchain technology (more information on Dapps can be found here: https://en.wikipedia.org/wiki/Decentralized_application).
A cryptographic ‘hash’ is a complex digital signature, formally called a cryptographic ‘proof’, that is a fundamental component of a blockchain. The important features of a hash are that it is specifically derived from the certificate information, however the certificate information cannot be derived in reverse from the hash. The hash serves as a secure signature which can be mutually verified by anyone presented with an AOKpass. In providing its service, AOKpass employs the SHA 256 hashing alogrithm, which is widely accepted as an industry standard.
What are the risks of using blockchain?
The AOKpass security model is based on two principles: simplicity and minimal possible data storage and handling. AOKpass system backend infrastructure is composed of serverless AWS functionality and other provisioned AWS cloud services, implicitly offloading any infrastructure level security threat to the AWS operations, the only possible threat is the compromise our AWS credentials, or the credentials of a few other infrastructure services (AWS, Google Play, Apple Developer Account, Pulumi, Cloudflare). These credentials are stored on secure management platforms and are shared on a need to know basis. For the sensitive data that AOKpass does store (e.g. attestor’s emails and names). AOKpass encrypts with a cold encryption key that is not present on the infrastructure. Approval of attestors is also not possible without access to a cold private key that is used for signing possible attestation sources. Besides the security of its infrastructure, the architecture of AOKpass also allows for “third party” attestation providers to host their own attestation infrastructure, if there are additional regulatory requirements.
We are in the process of penetration testing review with ISOS, we can work towards additional certification if there are any particular standards that are specified, for example ISO27001.
For general queries we can guarantee 24 hours turnaround time. However, if app fixes are required that would be ~5 days (+/-5 days for an approval from Google playstore or Apple's appstore) for the updated versions to go live. AOKpass working hours are from 8 am to 6 pm Singapore time.
Online Help support: email: email@example.com
24/7/365 phone: Singapore: +6563361179